CVE-2026-1552

Medium CVSS: 5.3

A security vulnerability has been detected in SEMCMS 5.0. This vulnerability affects unknown code of the file /SEMCMS_Info.php. The manipulation of the argument searchml leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Sem-cms

Product

Semcms

CWE

CWE-74

Yayın Tarihi

2026-01-29 01:16:09

Güncelleme

2026-02-09 15:26:57

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-74 Semcms MEDIUM Sem-cms 2026

Referanslar

https://github.com/Sqli22/Sqli/issues/4 https://vuldb.com/?ctiid.343248 https://vuldb.com/?id.343248 https://vuldb.com/?submit.740549

Benzer Kayıtlar

Medium

CVE-2025-51655

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the pid parameter at SEMCMS_Quanxian.php.

Medium

CVE-2025-51656

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Link.php.

Medium

CVE-2025-51657

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the lgid parameter at SEMCMS_Link.php.

Medium

CVE-2025-51658

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_InquiryView.php.

Medium

CVE-2025-51659

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the ID parameter at SEMCMS_Products.php.

Medium

CVE-2025-51660

SemCms v5.0 was discovered to contain a SQL injection vulnerability via the lgid parameter at SEMCMS_Products.php.